
I’m a regular Venmo user. I used the service a month ago to receive $30 from my sister-in-law. I used it again two weeks ago to reimburse my brother after we threw our father a surprise birthday party. It’s a perfectly useful service.

But unlike most Venmo users, I have my transactions set to "private"—and I've never understood why the default setting was "public."

Why would I want the world, even my Internet friends, to know when I settle bar bills? I know of no mainstream payment system that makes its transactions public. PayPal, Venmo’s parent company, doesn’t even do this. After new scrutiny last week, Venmo still will not explain fully why the public default is useful.

Scrape away!

Anyone who knows anything about how the Internet works knows that public-facing online data can easily be scraped and aggregated. Of course, someone did just that with Venmo transactions. Frankly, I’m surprised it took this long.

Just last week, it was revealed that a Berlin-based privacy researcher, Hang Do Thi Duc, used Venmo’s own API to "gather and save all public transactions from 2017." Yep, all 207,984,218 of them.

The Cannabis Retailer. This Venmo user sells pot in Santa Barbara, CA. The transactions between him and his customers are captioned with emojis and mentions of "weed," "grass," "medicine," "CBD," "stacked kush," and "gorilla cookie." Business is booming for him — he had a total of 920 incoming payments in 2017.

The Corn Dealer. This Venmo user operates a food cart at University of California, Santa Barbara and sells Latin American eats. The cart vendor had a total of 8,026 transactions in 2017. I was able to tell the most popular menu item ("elote," or corn on the cob), along with who bought food, how often and at what time of day.

The Lovers. Forget soap operas and romantic novels — Venmo is the best place to find drama. I uncovered two lengthy love stories between Venmo users, complete with flirting, arguing, apologies, and threats. One couple feuds: "You don’t love me," a lover wrote. The other couple flirts regularly: "I’m waiting for the sugar daddy," a lover wrote.

This isn’t the first time that Venmo has been slammed for privacy violations.

In the US, the Federal Trade Commission raised privacy concerns when it filed a formal legal complaint against PayPal in February 2018. As the FTC wrote:

The label describing the Default Audience Setting would lead a reasonable consumer to believe that she could limit the visibility of all of her future transactions by restricting this setting. Thus, a consumer who sets the Default Audience Setting to "Participants Only" would likely assume that, by default, all of her transactions will be viewable only by the participants of the transaction, regardless of whether she is the initiator or recipient of a transaction.

In fact, however, a consumer must also change Venmo’s second setting, the Transaction Sharing Setting, in order to ensure that all of her transactions are private. As depicted in the screenshots above, the Transaction Sharing Setting contains two options: "Everyone" or "Only Me." By default, it is set to "Everyone." If a consumer fails to change the Transaction Sharing Setting to "Only Me," some of her transactions will still be published publicly even if she has chosen a "private" default audience through the Default Audience Setting.

By May 24, 2018, Venmo agreed that within 150 days it would make clearer to users how they could change their privacy settings. That change finally took place last week in a series of screens that I noticed when I opened up my app last Friday.

Cyrus Farivar


When I asked Venmo directly about its policy, spokesman Joe Gallo didn't answer my question about why Venmo transactions are public by default. Instead, he provided me a statement with a lot of words that didn’t really say anything.

By Friday, @VenmoSupport tried to give a better answer, which was still frustrating.

Hi everyone! At its core, Venmo provides a social way to pay your friends when you owe them money and don't want to deal with cash. You always have the option to elect for Privacy on your payments, but being a social app is what sets Venmo apart from everyone else!

Look, if people want to share their drug deals and beer debts publicly, more power to them. But they should affirmatively consent to doing so. There’s a pithy phrase—"privacy by design"—that goes back more than 20 years. Venmo would do well to heed it.


Cyrus Farivar
Cyrus is a Senior Tech Policy Reporter at Ars Technica, and is also a radio producer and author. His latest book, Habeas Data, about the legal cases over the last 50 years that have had an outsized impact on surveillance and privacy law in America, is out now from Melville House. He is based in Oakland, California. Email: cyrus.farivar@arstechnica.com // Twitter: @cfarivar